[SECURITY] Fedora 14 Update: perl-5.12.3-143.fc14

updates at fedoraproject.org updates at fedoraproject.org
Wed Apr 13 20:48:16 UTC 2011 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-4610
2011-04-02 22:20:33
--------------------------------------------------------------------------------

Name        : perl
Product     : Fedora 14
Version     : 5.12.3
Release     : 143.fc14
URL         : http://www.perl.org/
Summary     : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting.  Perl is good at handling processes and files,
and is especially good at handling text.  Perl's hallmarks are
practicality and efficiency.  While it is used to do a lot of
different things, Perl's most common applications are system
administration utilities and web programming.  A large proportion of
the CGI scripts on the web are written in Perl.  You need the perl
package installed on your system so that your system can handle Perl
scripts.

Install this package if you want to program in Perl or enable your
system to handle Perl scripts.

--------------------------------------------------------------------------------
Update Information:

Security bug: lc launder tainted data

http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr  1 2011 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.12.3-143 
- 692900 - lc launders tainted flag, RT #87336
* Thu Mar 10 2011 Tom Callaway <spot at fedoraproject.org> - 4:5.12.3-142
- update ExtUtils::ParseXS to 2.2206 (current) to fix Wx build
* Mon Jan 24 2011 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.12.3-141
- stable update 5.12.3
- add COMPAT
* Wed Dec  1 2010 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.12.2-140
- create sub-package for CGI 3.49
- create sub-package for threads-shared
* Tue Nov  9 2010 Petr Pisar <ppisar at redhat.com> - 4:5.12.2-139
- Sub-package perl-Class-ISA (bug #651317)
* Mon Nov  8 2010 Marcela Mašláňová <mmaslano at redhat.com> - 4:5.12.2-138
- 643447 fix redefinition of constant C in h2ph (visible in git send mail,
  XML::Twig test suite)
* Mon Nov  8 2010 Petr Pisar <ppisar at redhat.com> - 4:5.12.2-137
- Make perl(ExtUtils::ParseXS) version 4 digits long (bug #650882)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #692900 - perl: lc(), uc() routines are laundering tainted data [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=692900
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update perl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list